Saviynt is an identity authority platform built to power and protect the world at work. In a world of digital transformation, where organizations are faced with increasing cyber risk but cannot afford defensive measures to slow down progress, Saviynt’s Enterprise Identity Cloud gives customers unparalleled visibility, control and intelligence to better defend against threats while empowering users with right-time, right-level access to the digital technologies and tools they need to do their best work.
Location: Bangalore, India
Responsibilities:
· Lead and manage Security Operations Centre
· Must be hands on in terms of creating detection logic, monitoring alerts etc.
· Primarily responsible for security event monitoring, management and response
· Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
· Ensure compliance to SLA, process adherence and process improvisation to achieve operational objectives
· Provide input/review and development of security and compliance controls and
· vulnerabilities against policies, standards, and frameworks in the following frameworks such as ISO 27001, SOC2, and PCI
· Conduct manual validation to confirm vulnerability closure
· Revise and develop processes to strengthen the current Security Operations Framework
· Regularly review standard operating procedures and protocols to ensure SOC continues to effectively meet operational requirements
· Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre
· Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
· Continual process improvement in infrastructure security assessments, reporting and
· remediation to reduce risk.
· Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
· Routinely engage with cross functional teams to evaluate SOCs ability to meet stakeholder needs
· Evaluate existing technical capabilities and systems and identify opportunities for improvement
· Oversee training and exercises to ensure SOC team proficiency, conduct after action reviews to identify lessons learned and best practices
· Work closely Security Leadership to identify implement process changes, improvements and efficiencies and ensure solid security practices
· Develop communication channels with technology owners and the business to evangelize the evolving threat landscape
· Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments
· Serve as subject matter expert for vulnerability management issue resolution
· Communicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resources
· Administer security infrastructure including intrusion detection, data loss prevention, anti-virus
· Administer endpoint security controls
· Evaluate key threat intelligence feeds, assesses risk, and recommends actions for cybersecurity operations improvements
· Advise IT teams regarding patch notifications, initial risk assessment, eligible systems, and deployment requirements
· Perform assessment of internal and third-party cybersecurity risk
· Support responses to customer inquiries about Saviynt compliance related to IT and Security
· Interface with external auditors in managing ongoing compliance and audits as it pertains to SOC activities
· Work with leading Cloud Service Providers (CSPs) to validate vulnerability management security posture of their products and services
· Monitor and maintain enterprise security scanning tools
Qualifications:
·
· Subject matter expert in Cyber Defense / SOC, cloud/server infrastructure security
· Bachelor of Science degree in Computer Science or related field is required
· Around 10+ years security incident response experience
· Excellent analytical thinking and problem solving skills
· Experience in vulnerability program management
· Working experience with AWS, Google Cloud Platform or Microsoft Azure
· Working experience with a major scripting language is desirable
· Prior experience as a SOC analyst/ SOC Engineer is of paramount importance, to demonstrate hands-on capabilities
· Must have excellent written, communication and verbal skills to assist with communications with other teams and writing executive summaries based on work output
· Ability to lead, influence and collaborate with remote team members, proven delivery, remediation and incident response background
· Solid background in security incident response and vulnerability management
· Self-starter and outcomes oriented, can work with minimal supervision but knows when to escalat
If required for this role, you will:
- Complete security & privacy literacy and awareness training during onboarding and annually thereafter
- Review (initially and annually thereafter), understand, and adhere to Information Security/Privacy Policies and Procedures such as (but not limited to):
> Data Classification, Retention & Handling Policy
> Incident Response Policy/Procedures
> Business Continuity/Disaster Recovery Policy/Procedures
> Mobile Device Policy
> Account Management Policy
> Access Control Policy
> Personnel Security Policy
> Privacy Policy
Saviynt is an amazing place to work. We are a high-growth, Platform as a Service company focused on Identity Authority to power and protect the world at work. You will experience tremendous growth and learning opportunities through challenging yet rewarding work which directly impacts our customers, all within a welcoming and positive work environment. If you're resilient and enjoy working in a dynamic environment you belong with us!
Saviynt is an equal opportunity employer and we welcome everyone to our team. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.